feat(source-aws-v2): support using a role object for role creation

blacha · blacha · commit ecb2837b2841 · 2022-05-11T10:03:08.000+12:00
diff --git a/packages/source-aws-v2/src/__test__/s3.credentials.test.ts b/packages/source-aws-v2/src/__test__/s3.credentials.test.ts
@@ -19,6 +19,24 @@ o.spec('AwsCredentials', () => {
     o(stub.args[1][0].params.DurationSeconds).equals(3601);
   });
 
+  o('should create a role from a object', () => {
+    const stub = sandbox.stub(aws, 'ChainableTemporaryCredentials');
+
+    AwsCredentials.fsFromRole({ roleArn: 'arn:abc', externalId: 'abc', durationSeconds: 50 });
+    o(stub.calledOnce).equals(true);
+
+    o(stub.args[0][0].params.RoleArn).equals('arn:abc');
+    o(stub.args[0][0].params.ExternalId).equals('abc');
+    o(stub.args[0][0].params.DurationSeconds).equals(50);
+
+    AwsCredentials.fsFromRole({ roleArn: 'arn:foo' });
+    o(stub.calledTwice).equals(true);
+
+    o(stub.args[1][0].params.RoleArn).equals('arn:foo');
+    o(stub.args[1][0].params.ExternalId).equals(undefined);
+    o(stub.args[1][0].params.DurationSeconds).equals(3600);
+  });
+
   o('should cache by roleArn', () => {
     const stub = sandbox.stub(aws, 'ChainableTemporaryCredentials');
     AwsCredentials.role('arn:foo:bar');
diff --git a/packages/source-aws-v2/src/s3.credentials.ts b/packages/source-aws-v2/src/s3.credentials.ts
@@ -3,6 +3,12 @@ import aws from 'aws-sdk/lib/core.js';
 import S3 from 'aws-sdk/clients/s3.js';
 import { FsAwsS3 } from '@chunkd/source-aws';
 
+interface RoleObject {
+  roleArn: string;
+  externalId?: string;
+  durationSeconds?: number;
+}
+
 export class AwsCredentials {
   static DefaultRoleDurationSeconds = 3600;
   static cache: Map<string, Credentials> = new Map();
@@ -11,10 +17,18 @@ export class AwsCredentials {
    * Create a FsS3 instance from a role arn
    *
    * @example
-   * Fs3.fromRoleArn('arn:foo', externalId, 900);
-   * FsS3.fromRoleArn('arn:bar');
+   *```typescript
+   * AwsCredentials.fromRoleArn('arn:foo', externalId, 900);
+   * AwsCredentials.fromRoleArn('arn:bar');
+   * AwsCredentials.fromRoleArn({ roleArn: 'arn:foo', externalId: 'bar', 'durationSeconds': 10})
+   * ```
    */
-  static fsFromRole(roleArn: string, externalId?: string, durationSeconds?: number): FsAwsS3 {
+  static fsFromRole(roleArn: RoleObject): FsAwsS3;
+  static fsFromRole(roleArn: string, externalId?: string, durationSeconds?: number): FsAwsS3;
+  static fsFromRole(roleArn: string | RoleObject, externalId?: string, durationSeconds?: number): FsAwsS3 {
+    if (typeof roleArn === 'object') {
+      return AwsCredentials.fsFromRole(roleArn.roleArn, roleArn.externalId, roleArn.durationSeconds);
+    }
     const credentials = AwsCredentials.role(roleArn, externalId, durationSeconds);
     return new FsAwsS3(new S3({ credentials }));
   }
